<?php 
/* 
 * This file is part of TCDB. 
 * 
 * Copyright (C) 2000-2009 
 * Technology Consultant Corps 
 * Grinnell College 
 * Grinnell, IA, 50112 
 * tc@grinnell.edu 
 * 
 * TCDB is free software; you can redistribute it and/or modify 
 * it under the terms of the GNU General Public License as published by 
 * the Free Software Foundation; either version 3 of the License, or 
 * (at your option) any later version. 
 * 
 * TCDB is distributed in the hope that it will be useful, 
 * but WITHOUT ANY WARRANTY; without even the implied warranty of 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 
 * GNU General Public License for more details. 
 * 
 * You should have received a copy of the GNU General Public License 
 * along with TCDB. If not, see <http://www.gnu.org/licenses/>. 
 * 
 
 ============================================================================= 
 
 * require_full_tc.php -- A test to see if the logged-in user is a Full TC; should 
 *                        be included directly after require_login.php but before
 *                        header.php or any other HTML, as it needs to create
 *                        its own page if the user's creds fail;
 *                        Attempts to preserve all GET and POST variables except
 *                        those used for login;
 *                        After a user successfully authenticates, she is 
 *                        re-routed back to the original page she requested
 *         
 *                        This works in an almost identical manner as require_admin.php,
 *                        checking the user's 'full_TC' status instead of whether or not
 *                        the user is an admin.
 * 
 * Author: Dylan J. Sather 
 * Created: 2009-06-22 
 * Last edited: 2009-06-24 
 *
 * Thanks to Andrew Kensler and for his work on require_full_tc.php since September 2000
 */ 
 
// Check to see if the 'is_full_TC' $_SESSION variable is set
if (!$_SESSION["is_full_TC"]) {

?> 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
  <head>
    <title><?php echo ($config["system_title"] . ' - ' . $page_title); ?></title>
    <link rel="shortcut icon" href="favicon.ico" type="image/x-icon" />
		
    <meta http-equiv="content-type" content="application/xhtml+xml; charset=utf-8" />
    <meta name="author" content="Technology Consultant Corps" />
    <meta name="revised" content= <?php
    
    /* This script checks the date_modified file to see when a file in TCDB
       was last modified, giving us the date at which TCDB was last revised */

    $date_file = "date_modified";
    $fh = fopen($date_file, 'r');
    $date = fread($fh, filesize($date_file));
    $date = trim($date);
    fclose($fh);
    print "\"Technology Consultant Corps, $date\" />";
    
    ?>

    <meta name="description" content="Technology Consultant Database" />

    <meta name="keywords" content="technology consultants, tcdb, technology consultant database,
				   grinnell college, tc corps, timesheets, scheduling" />
    <meta http-equiv="Content-Style-Type" content="text/css" />
    <meta http-equiv="Content-Script-Type" content="text/javascript" />
    <link rel="stylesheet" type="text/css" href="css/tcdb.css" />
    <script type="text/javascript" src="javascript/tcdbLibrary.js"></script>
  </head>    

<body onload="setLoginFocus()">
  <h1 class="underline">Invalid Credentials</h1>
  <p>You must be a full TC to proceed.<br /> 
     If you think you're receiving this message in error, try logging in again:</p>

  <form method="post" action="<?php echo "$_SERVER[REQUEST_URI]"; ?>">
    <div id='login_centered'> <!-- LOGIN div -->
      <span class='box_header'>Log In</span><br /> 
      <input type='text' name='login_username' id='login_username' size='10' /><br />
      <input type='password' name='login_password' size='10' /><br />
<?php

/* For both the $_POST and $_GET superglobals, reset their "internal counter"
   to 0 (see manual on reset) and loop through the array, saving any data as 
   input in hidden form; the spaces after the echo are to keep the HTML
   in the source code properly nested and indented */

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
	reset ($_POST);
	while (list ($key, $value) = each ($_POST)) {
	    if ($key != "login_username" && $key != "login_password") {
		echo "      <input type=\"hidden\" name=\"$key\" value=\"$value\" />\n";
	    }
	}
    }

    else if ($_SERVER['REQUEST_METHOD'] == 'GET') {
	reset ($_GET);
	while (list ($key, $value) = each ($_GET)) {
	    if ($key != "login_username" && $key != "login_password") {
		echo "      <input type=\"hidden\" name=\"$key\" value=\"$value\" />\n";
	    }
	}
    }

    ?>
      <input type='submit' value='Log In' />
    </div> <!-- End LOGIN div -->
  </form>

</body>

</html>

<?php

    exit();

}

?>
